
Thread: Can anyone help me with this log?

  1. #21
    Join Date
    May 2008
    Posts
    34
    Well, the ESET scan stayed stuck at the same point all night and is still stuck as we speak. It's at the same point it was when I hit the "stop" button last time. The blue bar will go all the way to the end and the time will stop. After 30 min I ended it last time and this time it's been 8 or 9 hours at the same point. What should my next step be? Should I end it again or let it go?

  2. #22
    Join Date
    Aug 2006
    Location
    The Middle
    Age
    80
    Posts
    4,079
    Yeah, go ahead and end it. See if you can run and fix with a couple of the others that are in the sticky...maybe Panda and Trend Micro House Call.
    We ARE going to get this thing clean! Things like this just drive me crazy!

  3. #23
    Join Date
    May 2008
    Posts
    34
    LOL, me too! All day yesterday people kept asking me what was wrong, that I look frustrated. I kept replying "I AM FRUSTRATED!"

    I'm going to try those....be back soon-


    Michelle

  4. #24
    Join Date
    May 2008
    Posts
    34
    Ok- Panda came back and said my computer is not infected and microtrend won't run. It said I needed to download Java. When I clicked the Java install link I get this msg. "several java virtual machines running in the same process caused an error"

  5. #25
    Join Date
    Aug 2006
    Location
    The Middle
    Age
    80
    Posts
    4,079
    For Java go here
    download the latest version, please choose the OFFLINE install. Save it to the desktop. Once it is downloaded then close out the browser and go to Add/Remove and Uninstall ALL previous versions of Java showing there. Once you have uninstalled all of them then install the new version that is waiting on the desktop.
    Once it is installed then go here
    to verify the program installed correctly. Then try the other scans.

  6. #26
    Join Date
    May 2008
    Posts
    34
    Ok, Panda and Trend Micro came back saying there were no threats found on the computer. However, I'm still having this problem with window after window opening up-

    Is there a log you want me to post to check out?

  7. #27
    Join Date
    May 2008
    Posts
    34
    Judy-

    When we get this taken care of will you point me in the right direction to install a good antispyware and firewall program? I know I saw a sticky about it but I'm not too sure which one it was as I read thru quite a few of them.

    I don't want to go installing more stuff or messing with anything until this was taken care of first (read that in a sticky too!) but when it's problem free I'd like to get some protection for the computer.

  8. #28
    Join Date
    Aug 2006
    Location
    The Middle
    Age
    80
    Posts
    4,079
    Next you should download ComboFix
    Click on the Save button and then when it asks you where to save it, make sure you save it directly to your Windows Desktop.
    When you have the Save as screen configured to save ComboFix.exe to the Desktop, click on the Save button. ComboFix will now start downloading to your computer. If you are on a dialup, this may take a few minutes. When ComboFix has finished downloading you will now see an icon on your desktop similar to the one below.

    ComboFix Icon

    Double-click on the ComboFix icon found on your desktop. Please note, that once you start ComboFix you should not click anywhere on the ComboFix window as it can cause the program to stall. In fact, when ComboFix is running, do not touch your computer at all and just take a break as it may take a while for it to complete.
    It is possible you may get a security warning concerning the running of the program.
    Windows is issuing this prompt because ComboFix does not have a digital signature. This is perfectly normal and safe and you can click on the Run button to continue.

    It may also show you a disclaimer requesting that you press 1 to continue or 2 to abort. Press 1.
    ComboFix will create a System Restore point so that if any problems occur while using the program you can restore back to your previous configuration. When ComboFix has finished creating the restore point, it will then backup your Windows Registry.
    Once the Windows Registry has finished being backed up, ComboFix will disconnect your computer from the Internet. Therefore, do not be surprised or concerned if you receive any warnings stating that you are no longer on the Internet as your connection will be completely restored at a later stage in the program.
    ComboFix will now start scanning your computer for known infections. This procedure can take some time, so please be patient.
    While the program is scanning your computer, it will change your clock format, so do not be concerned when you see this happen. When ComboFix is finished it will restore your clock settings to what they were previously. You will also see the text in the ComboFix window being updated as it goes through the various stages of its scan.
    When ComboFix has finished running, you will see a screen stating that it is preparing the log report.
    This can take a while, so please be patient. If you see your Windows desktop disappear, do not worry. This is normal and ComboFix will restore your desktop before it is finished. Eventually you will see a new screen that states the program is almost finished and telling you the program's log file, or report, will be located at C:\ComboFix.txt.

    When ComboFix has finished, it will automatically close the program and change your clock back to its original format. It will then display the log file automatically.

    Please post back here with that full log.
    Remember: do NOT touch the computer while ComboFix is running.

  9. #29
    Join Date
    Aug 2006
    Location
    The Middle
    Age
    80
    Posts
    4,079
    Quote: Originally posted by tampafl
    Judy-

    When we get this taken care of will you point me in the right direction to install a good antispyware and firewall program? I know I saw a sticky about it but I'm not too sure which one it was as I read thru quite a few of them.

    I don't want to go installing more stuff or messing with anything until this was taken care of first (read that in a sticky too!) but when it's problem free I'd like to get some protection for the computer.
    Absolutely.

  10. #30
    Join Date
    May 2008
    Posts
    34
    Ok, all went well! Here's the report-

    ComboFix 08-05-15.2 - New Mom 2008-05-15 21:56:53.1 - NTFSx86
    Running from: C:\Documents and Settings\New Mom\Desktop\ComboFix.exe
    * Created a new restore point

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\Mom\Application Data\SpamBlocker
    C:\Program Files\Common Files\{1C661~1
    C:\Program Files\Common Files\{1C661~2
    C:\Program Files\Common Files\companion wizard
    C:\Program Files\Common Files\companion wizard\log.txt
    C:\Program Files\Common Files\ecurit~1
    C:\Program Files\Common Files\racle~1
    C:\Program Files\crosof~1
    C:\Program Files\Messenger\livefolus821058.dll
    C:\Program Files\scurit~1
    C:\temp\tn3
    C:\WA6P
    C:\WINDOWS\asks~1
    C:\WINDOWS\cookies.ini
    C:\WINDOWS\icroso~1.net
    C:\WINDOWS\pskt.ini
    C:\WINDOWS\system32\{188ea3af-d8ca-9191-e51e-945453515a28}.dll
    C:\WINDOWS\system32\asembl~1
    C:\WINDOWS\system32\AutoRun.inf
    C:\WINDOWS\system32\dFrnx05
    C:\WINDOWS\system32\drivers\mskssrvv.sys
    C:\WINDOWS\system32\GfgjQqss.ini
    C:\WINDOWS\system32\GfgjQqss.ini2
    C:\WINDOWS\system32\mcrh.tmp
    C:\WINDOWS\system32\MSINET.oca
    C:\WINDOWS\system32\stera.log
    C:\WINDOWS\system32\xrrhfdno.ini
    C:\WINDOWS\wnsxs~1

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_MSKSSRVV
    -------\Legacy_NPF
    -------\Legacy_VSPF
    -------\Legacy_VSPF_HK
    -------\Service_mskssrvv


    ((((((((((((((((((((((((( Files Created from 2008-04-16 to 2008-05-16 )))))))))))))))))))))))))))))))
    .

    2008-05-15 11:40 . 2008-05-15 14:13 <DIR> d-------- C:\Documents and Settings\New Mom\.housecall6.6
    2008-05-15 11:36 . 2008-02-22 02:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
    2008-05-15 11:35 . 2008-05-15 11:35 <DIR> d-------- C:\Program Files\Common Files\Java
    2008-05-15 08:25 . 2008-05-15 08:27 <DIR> d-------- C:\Program Files\Team6 game studios
    2008-05-15 00:30 . 2008-05-15 00:30 2,652 --a------ C:\WINDOWS\system32\tmp.reg
    2008-05-15 00:29 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
    2008-05-15 00:29 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
    2008-05-15 00:29 . 2008-04-24 08:10 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
    2008-05-15 00:29 . 2008-04-28 08:03 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
    2008-05-15 00:29 . 2008-04-28 08:03 82,944 --a------ C:\WINDOWS\system32\404Fix.exe
    2008-05-15 00:29 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
    2008-05-15 00:29 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
    2008-05-15 00:29 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
    2008-05-14 21:01 . 2008-05-14 23:29 <DIR> d-------- C:\Program Files\EsetOnlineScanner
    2008-05-14 18:40 . 2008-05-14 18:40 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-05-14 18:40 . 2008-05-14 18:40 <DIR> d-------- C:\Documents and Settings\New Mom\Application Data\Malwarebytes
    2008-05-14 18:40 . 2008-05-14 18:40 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-05-14 18:40 . 2008-05-05 20:46 27,048 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
    2008-05-14 18:40 . 2008-05-05 20:46 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-05-14 15:23 . 2008-05-14 20:30 94,208 --------- C:\WINDOWS\system32\opxakaxb.dll
    2008-05-14 15:20 . 2008-05-14 15:20 115,712 --a------ C:\WINDOWS\system32\giealbih.dll
    2008-05-14 14:06 . 2008-05-14 14:06 108,032 --a------ C:\WINDOWS\system32\gcjwkrng.dll
    2008-05-13 20:26 . 2008-05-13 20:27 <DIR> d-------- C:\Program Files\Panda Security
    2008-05-13 19:00 . 2008-05-13 19:00 <DIR> d-------- C:\Program Files\Trend Micro
    2008-05-13 18:09 . 2008-05-13 18:09 <DIR> d-------- C:\Program Files\PCPitstop
    2008-05-13 18:09 . 2008-05-13 18:09 <DIR> d-------- C:\Program Files\Common Files\Scanner
    2008-05-13 17:51 . 2008-05-13 17:51 <DIR> d-------- C:\VundoFix Backups
    2008-05-13 17:10 . 2008-05-13 17:12 <DIR> d-------- C:\Program Files\CleanUp!
    2008-05-13 16:50 . 2008-05-13 16:50 <DIR> d-------- C:\Documents and Settings\Administrator
    2008-05-13 16:50 . 2008-05-15 21:56 1,024 --ah----- C:\Documents and Settings\Administrator\ntuser.dat.LOG
    2008-05-13 12:18 . 2008-05-13 12:18 115,712 --a------ C:\WINDOWS\system32\nmqocciq.dll
    2008-05-13 12:13 . 2008-05-13 12:13 <DIR> d-------- C:\Documents and Settings\New Mom\Application Data\Yahoo!
    2008-05-13 12:13 . 2008-05-13 12:13 108,544 --a------ C:\WINDOWS\system32\ggjqnulb.dll
    2008-05-13 12:12 . 2008-05-13 12:12 <DIR> d-------- C:\Documents and Settings\New Mom\Application Data\HPAppData
    2008-05-13 12:11 . 2008-05-15 00:47 <DIR> d-------- C:\Documents and Settings\New Mom\Application Data\Spyware Terminator
    2008-05-13 12:09 . 2008-05-15 21:31 <DIR> d-------- C:\Documents and Settings\New Mom
    2008-05-13 12:09 . 2008-05-15 22:28 1,024 --ah----- C:\Documents and Settings\New Mom\ntuser.dat.LOG
    2008-05-12 19:18 . 2008-05-12 19:18 <DIR> d-------- C:\Documents and Settings\Z-Man\Application Data\Yahoo!
    2008-05-12 19:16 . 2008-05-12 19:16 <DIR> d-------- C:\Documents and Settings\Z-Man\Application Data\HPAppData
    2008-05-12 19:14 . 2008-05-12 21:50 <DIR> d-------- C:\Documents and Settings\Z-Man\Application Data\Spyware Terminator
    2008-05-12 19:05 . 2008-05-12 19:05 <DIR> d-------- C:\Documents and Settings\Keon\Application Data\Yahoo!
    2008-05-12 19:03 . 2008-05-12 19:03 <DIR> d-------- C:\Documents and Settings\Keon\Application Data\HPAppData
    2008-05-12 19:01 . 2008-05-12 19:51 <DIR> d-------- C:\Documents and Settings\Keon\Application Data\Spyware Terminator
    2008-05-12 18:59 . 2008-05-12 21:39 <DIR> d-------- C:\Documents and Settings\Keon
    2008-05-12 18:59 . 2008-05-15 22:26 1,024 --ah----- C:\Documents and Settings\Keon\ntuser.dat.LOG
    2008-05-12 18:58 . 2008-05-15 22:26 1,024 --ah----- C:\Documents and Settings\Z-Man\ntuser.dat.LOG
    2008-05-12 18:53 . 2008-05-12 19:12 <DIR> d-------- C:\Documents and Settings\Z-Man
    2008-05-12 18:15 . 2008-05-15 22:28 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2008-05-12 18:15 . 2008-05-12 18:15 1,409 --a------ C:\WINDOWS\QTFont.for
    2008-05-12 17:37 . 2008-05-14 15:19 <DIR> d-------- C:\Program Files\WinClamAVShield
    2008-05-12 16:00 . 2008-05-12 19:43 <DIR> d-------- C:\Documents and Settings\Mom\Application Data\Spyware Terminator
    2008-05-12 16:00 . 2008-05-15 00:47 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
    2008-05-12 16:00 . 2008-05-12 16:00 141,312 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
    2008-05-12 15:59 . 2008-05-15 00:47 <DIR> d-------- C:\Program Files\Spyware Terminator
    2008-05-12 10:52 . 2008-05-12 10:52 298,311 --a------ C:\WINDOWS\system32\gside.exe
    2008-05-12 10:33 . 2008-05-12 10:33 116,736 --a------ C:\WINDOWS\system32\teeycfgx.dll
    2008-05-12 10:06 . 2008-05-14 18:13 109,860 --a------ C:\WINDOWS\BM1f552d2f.xml
    2008-05-12 10:06 . 2008-05-12 10:06 109,568 --a------ C:\WINDOWS\system32\iyvcjtqe.dll
    2008-05-11 13:11 . 2008-05-11 13:11 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\HPAppData
    2008-05-11 13:07 . 2008-05-11 13:07 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\Yahoo!
    2008-05-11 12:18 . 2008-05-14 20:30 371,200 --------- C:\WINDOWS\system32\ssqQjgfG.dll
    2008-05-11 12:15 . 2008-05-11 12:15 860 --a------ C:\WINDOWS\system32\winpfz33.sys
    2008-05-11 12:14 . 2008-05-11 12:14 401,972 --a------ C:\WINDOWS\system32\g92.exe
    2008-05-11 12:14 . 2008-05-11 12:14 167,545 --------- C:\WINDOWS\system32\drivers\core.cache.dsk
    2008-05-11 12:13 . 2008-05-12 16:50 <DIR> d-------- C:\WINDOWS\system32\winRem
    2008-05-11 12:13 . 2008-05-14 20:30 <DIR> d-------- C:\WINDOWS\system32\spoolX
    2008-05-11 12:13 . 2008-05-14 20:30 <DIR> d-------- C:\WINDOWS\system32\MUI2
    2008-05-11 12:13 . 2008-05-15 02:18 <DIR> d-------- C:\WINDOWS\system32\cdfig
    2008-05-11 12:13 . 2008-05-12 16:50 <DIR> d-------- C:\WINDOWS\system32\1036a
    2008-05-11 12:13 . 2008-05-15 21:57 <DIR> d-------- C:\Temp
    2008-05-11 12:13 . 2008-05-14 20:30 28,672 --------- C:\WINDOWS\system32\ssqQjHAt.dll
    2008-05-07 17:16 . 2008-05-15 00:54 <DIR> d-------- C:\Program Files\FrostWire
    2008-05-03 00:12 . 2008-05-03 00:12 <DIR> d-------- C:\Program Files\MP3
    2008-05-03 00:12 . 2008-05-03 00:12 <DIR> d-------- C:\Documents and Settings\Mom\WINDOWS
    2008-05-03 00:12 . 1998-01-23 12:22 304,128 --a------ C:\WINDOWS\IsUninst.exe
    2008-04-28 18:09 . 2008-04-28 18:09 <DIR> d-------- C:\Documents and Settings\Guest\Application Data\Yahoo!
    2008-04-28 18:09 . 2008-04-28 18:09 <DIR> d-------- C:\Documents and Settings\Guest\Application Data\HPAppData
    2008-04-28 18:07 . 2008-04-28 18:07 <DIR> d-------- C:\Documents and Settings\Guest
    2008-04-28 18:07 . 2008-05-15 21:56 1,024 --ah----- C:\Documents and Settings\Guest\ntuser.dat.LOG
    2008-04-28 17:17 . 2008-04-28 17:18 452 --a------ C:\WINDOWS\CDPLAYER.UNI
    2008-04-28 17:15 . 2008-04-28 17:15 <DIR> d-------- C:\WINDOWS\Free CD Music Converter
    2008-04-28 17:15 . 2008-04-28 17:15 <DIR> d-------- C:\Program Files\Free CD Music Converter
    2008-04-21 10:35 . 2008-04-21 10:35 <DIR> d-------- C:\Program Files\iPod
    2008-04-21 10:34 . 2008-04-21 10:35 <DIR> d-------- C:\Program Files\iTunes
    2008-04-21 10:25 . 2008-04-21 10:25 <DIR> d-------- C:\Program Files\Apple Software Update

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-05-15 15:36 --------- d-----w C:\Program Files\Java
    2008-05-15 14:57 --------- d-----w C:\Program Files\Microsoft Silverlight
    2008-05-15 04:53 --------- d-----w C:\Program Files\Coupons
    2008-05-15 02:51 --------- d-----w C:\Program Files\Windows Media Connect 2
    2008-05-13 16:10 --------- d-----w C:\Program Files\Web Publish
    2008-05-13 01:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\River Past G5
    2008-05-07 21:16 --------- d-----w C:\Program Files\LimeWire
    2008-05-04 01:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2008-04-30 23:05 --------- d-----w C:\Documents and Settings\Mom\Application Data\LimeWire
    2008-04-21 14:32 --------- d-----w C:\Program Files\QuickTime
    2008-04-15 23:13 --------- d-----w C:\Program Files\PhotoScape
    2008-04-12 19:33 --------- d-----w C:\Program Files\Common Files\Symantec Shared
    2008-04-11 22:00 --------- d-----w C:\Program Files\Norton Security Scan
    2008-03-26 02:34 --------- d-----w C:\Program Files\The Print Shop 20
    2008-03-26 02:34 --------- d-----w C:\Documents and Settings\All Users\Application Data\Riverdeep Interactive Learning Limited
    2008-03-26 02:15 --------- d-----w C:\Program Files\Common Files\Broderbund
    2008-03-26 02:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Broderbund Software
    2008-03-25 22:20 --------- d-----w C:\Program Files\Common Files\InstallShield
    2008-03-18 04:03 --------- d-----w C:\Documents and Settings\Mom\Application Data\ieSpell
    2006-11-14 08:48 0 ----a-w C:\Program Files\Common Files\err.log
    2005-07-29 20:24 472 --sha-r C:\WINDOWS\TVIuIEhPVFJPRA\npKRKH1jpILjlE.vbs
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 03:56 15360]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-11-30 19:26 68856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 14:47 57344 C:\WINDOWS\ALCXMNTR.EXE]
    "IgfxTray"="C:\WINDOWS\System32\igfxtray.exe" [2004-11-02 10:03 155648]
    "HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [2004-11-02 09:59 126976]
    "Ulead AutoDetector v2"="C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe" [2004-11-26 12:43 90112]
    "AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 10:06 88363 C:\WINDOWS\AGRSMMSG.exe]
    "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 22:34 49152]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 23:37 413696]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
    "SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-05-12 16:00 1817600]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 03:56 15360]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "FlashPlayerUpdate"="C:\WINDOWS\System32\Macromed\Flash\GetFlash.exe" [ ]

    C:\Documents and Settings\Z-Man\Start Menu\Programs\Startup\
    prf105.tmp [2008-05-12 18:53:05 0]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 22:26:24 210520]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    SecurityProviders schannel.dll, digest.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntivirusOverride"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Messenger\\msmsgs.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "2960:UDP"= 2960:UDP:Windows Media Format SDK (iexplore.exe)
    "2961:UDP"= 2961:UDP:Windows Media Format SDK (iexplore.exe)
    "2982:UDP"= 2982:UDP:Windows Media Format SDK (iexplore.exe)

    R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-05-12 16:00]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

    .
    Contents of the 'Scheduled Tasks' folder
    "2008-05-06 20:01:08 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2008-05-14 22:00:04 C:\WINDOWS\Tasks\Norton Security Scan.job"
    - C:\Program Files\Norton Security Scan\Nss.exe
    .
    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-05-15 2200
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    ------------------------ Other Running Processes ------------------------
    .
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Spyware Terminator\sp_rsser.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
    .
    **************************************************************************
    .
    Completion time: 2008-05-15 22:33:25 - machine was rebooted
    ComboFix-quarantined-files.txt 2008-05-16 02:33:19

    Pre-Run: 24,630,673,408 bytes free
    Post-Run: 25,401,085,952 bytes free

    231 --- E O F --- 2008-05-14 07:02:09
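
Added example, not part of the original thread and not ComboFix's own code: a small Python parser for the "Files Created" listing format in the log above, which queues executables written under system32 for manual review and groups them by creation day. The filter rules and function names are assumptions made for this illustration; the result is a reading aid for the person reviewing the log, not a verdict on any file.

```python
import re
from collections import defaultdict
from datetime import datetime

# Lines copied from the "Files Created" section of the log posted above.
SAMPLE = r"""
2008-05-15 11:36 . 2008-02-22 02:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-05-15 11:35 . 2008-05-15 11:35 <DIR> d-------- C:\Program Files\Common Files\Java
2008-05-15 00:29 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-05-14 18:40 . 2008-05-05 20:46 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-05-14 15:23 . 2008-05-14 20:30 94,208 --------- C:\WINDOWS\system32\opxakaxb.dll
2008-05-12 16:00 . 2008-05-12 16:00 141,312 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-05-11 12:18 . 2008-05-14 20:30 371,200 --------- C:\WINDOWS\system32\ssqQjgfG.dll
2008-05-11 12:13 . 2008-05-14 20:30 <DIR> d-------- C:\WINDOWS\system32\spoolX
"""

# created . modified  size-or-<DIR>  9-char attribute field  path
ENTRY = re.compile(
    r"^\s*(\d{4}-\d{2}-\d{2} \d{2}:\d{2}) \. (\d{4}-\d{2}-\d{2} \d{2}:\d{2})"
    r"\s+(<DIR>|[\d,]+)\s+([-a-z]{9})\s+(.+?)\s*$"
)
EXEC_EXT = (".dll", ".exe", ".sys")
FMT = "%Y-%m-%d %H:%M"


def parse_entries(text):
    """Turn each listing line into a dict; lines in other formats are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line)
        if not m:
            continue
        created, modified, size, attrs, path = m.groups()
        entries.append({
            "created": datetime.strptime(created, FMT),
            "modified": datetime.strptime(modified, FMT),
            "is_dir": size == "<DIR>",
            "size": None if size == "<DIR>" else int(size.replace(",", "")),
            "attrs": attrs,
            "path": path,
        })
    return entries


def review_queue(entries, root=r"C:\WINDOWS\system32"):
    """Assumed triage rule: executable files under `root` whose content was
    written on this machine (modified >= created). A modified time older than
    the created time means the file was copied in with its original timestamp."""
    prefix = root.lower() + "\\"
    queue = []
    for e in entries:
        p = e["path"].lower()
        if e["is_dir"] or not p.startswith(prefix) or not p.endswith(EXEC_EXT):
            continue
        if e["modified"] < e["created"]:
            continue
        # Windows normally sets the archive attribute when a file is written,
        # so a clear bit on a recently written file is worth noting.
        queue.append({**e, "archive_bit_clear": "a" not in e["attrs"]})
    return sorted(queue, key=lambda e: e["created"])


def by_day(queue):
    """Group queued paths by creation date to give a simple timeline."""
    days = defaultdict(list)
    for e in queue:
        days[e["created"].date().isoformat()].append(e["path"])
    return dict(days)


if __name__ == "__main__":
    for e in review_queue(parse_entries(SAMPLE)):
        print(e["created"], e["size"], e["archive_bit_clear"], e["path"])
```
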
